Use your computer fearlessly.

Mission Services Articles Research

business: breach

business: response: Incident Response, Part 1: Planning, Part 2: Response, Part 3: Coordination, Part 4: Strategy, Part 5: Recovery, Part 6: Investigation, Part 7: Evolution

Incident Response to Data Breach, Part 1: Planning

by Brent Kirkpatrick

(Date Published: . Revised: 4/24/2018)

Your response to a security breach should rapidly involve the whole organization.

Recently, numerous companies have been breached: Equifax, Forever21, Delloitte, Merck, Pizza Hut, etc. This means that they have been hacked and have lost sensitive data to the hackers.

Typically, the data breach needs to be reported to the people effected by it. Often a company will choose to re-secure their network before announcing the breach. This is because an announcement of data breach is often accompanied by an increase in hacking.

In this series of articles, we will consider the following questions: Who to involve in the response? How to coordinate? What strategic moves to consider? How to recover? When to investigate?

cofee cup, pen, and paper reading Planning

Response to a breach involves people, process and technology---your whole organization. Getting your PR and legal people involved early prevents siloing of the response in the technical realm. Know someone to call who specializes in incident response. Look for someone who has a strategy for their service, rather than someone who assume that a new piece of hardware will fix everything. Know which cybersecurity frameworks you are using, for example: NIST, PCS-DSS, SOX, etc. (More on legal frameworks.) Know your network topology.

Clean-Up (TM). Incident response driven by data.

Business Articles:

Incident Response, Part 1: Planning
Incident Response, Part 2: Response
Incident Response, Part 3: Coordination
Incident Response, Part 4: Strategy
Incident Response, Part 5: Recovery
Incident Response, Part 6: Investigation
Incident Response, Part 7: Evolution

Cascading Data Breaches
Incident Response Plan
Why Clean-Up Hacking?
Rapid Containment of Intrusions

What Is New? | Contact | Tips

© 2015-2021 Intrepid Net Computing. All rights reserved.